Re: [PRODIG] OSX password failure

[Richard Allen]

Single user mode grants you root privileges at boot up if you hold down 
command + s. It does not magically let you crack passwords but it will 
let you trash things fairly comprehensively, though devices are mounted 
read only  to begin with. It is only really an issue if you allow other 
users physical access to your machine and it provides a useful 'rescue' 
service things get screwed up! Single user mode can be disabled see
http://www.securemac.com/disablemacosxsingleboot.php
but heed the warnings!

On Monday, Sep 15, 2003, at 10:11 Europe/London, Simon Pugh wrote:

Anyhow to cut a long story short there is a workround which involves 
someone
who knows UNIX code and regards this kind of thing as a challenge to 
be over
come. Two hours of scrolling code and it was working again.
Two hours!!

There is a gaping security hole in OSX called 'single user mode' 
which, with
it's blind granting of root privileges, makes it very simple to access 
and
crack passwords. It's possible to do this in less than 15 minutes.

Simon.

===============================================================
GO TO http://www.prodig.org for ~ GUIDELINES ~ un/SUBSCRIBING ~ ITEMS 
for SALE

===============================================================
GO TO http://www.prodig.org for ~ GUIDELINES ~ un/SUBSCRIBING ~ ITEMS for SALE